// middleware/auth.js - 权限验证中间件
import { getServerSession } from "next-auth/next";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";

// 验证是否为管理员
export const isAdmin = async (req) => {
    const session = await getServerSession(req, {
        ...authOptions,
        req,
    });

    // 未登录或非管理员，返回false
    if (!session || session.user.type !== "admin") {
        return false;
    }
    return true;
};